This document was last updated on 13 June 2019.
Virus Bulletin Ltd takes your privacy very seriously and we are committed to protecting your personal information. This notice sets out our online information practices and explains the ways in which your personal information is collected and used.
Other than in the instances specifically outlined in this document, we will not share your personal information with third parties without your consent unless required by law.
Virus Bulletin Ltd
Manor House - Office 6
Howbery Business Park
Wallingford OX10 8BA
Both when you visit our main website and when you visit our extranet site, we only collect your IP address and information provided by your browser. These details are recorded temporarily in our webserver logs, but the logs are deleted after 4 weeks.
If you subscribe to our newsletter we will collect your email address.
If you want to use any of the extranet site's features, you must register as a user of the extranet, at which point we collect the following personal data:
In the rest of this document, we refer to this set of details (your name, email address, company/affiliation, job title and country) as the "extranet user" details.
If you register for a Virus Bulletin conference, in addition to the "extranet user" details listed above, your attendance of the conference will be recorded (your name and the event you attended), and we may also collect:
If you submit an abstract (a proposal) for a Virus Bulletin conference paper, in addition to the "extranet user" details listed above we will collect:
And we may collect
If you forward information to us electronically or as a hard copy, we will collect that information and use it for the purposes for which you have provided it. We will never collect sensitive information about you without your explicit consent.
Whether you apply for a position advertised by Virus Bulletin or send us your details speculatively, we will keep the information you have provided to us – including but not limited to: your CV, any details you have provided on your employment history, your qualifications, and any relevant disability – for one year after receipt.
Should your application be successful and you subsequently become a Virus Bulletin employee or contractor, your data will be kept until 6 years after the end of your employment by or contract with the company.
If you apply for a free student ticket for the VB Conference we will collect the following personal data:
and we may also collect
If you apply for a free student ticket for the VB Conference the data you submit will be shared with the company that sponsors the free student tickets (the "NextGen sponsor"). In 2019 the NextGen sponsor is Google Android. Your data will be shared with Google and treated by Google according to its own data retention and privacy policies.
In broad terms, Virus Bulletin uses your personal data in the following ways: to provide goods and services to you, to communicate with you about the services you have requested, for record-keeping purposes, and to let you know about other Virus Bulletin goods and services in which you may be interested.
Virus Bulletin also uses non-identifying and aggregate information in order to improve the design and functionality of the Site and to share with advertisers. For example, we may tell an advertiser that X number of individuals visited a certain area on our website, but we would not disclose anything that could be used to identify those individuals.
Every time a user visits the Site we store a log of the visit that shows: the IP address of the machine used to access the Internet, the browser used, the time and length of the visit, the pages visited, the referring site (where appropriate), and whether any page requests were unsuccessful.
This information is collected and processed in aggregate, and no attempt is made to link this information back to the user, or to identify them from the information provided. The data is used to help us to understand which areas of the Site are popular, as well as identify which pages are not being requested. It also tells us how many people are visiting the Site in total. We may also use this information to block IP addresses where there is a breach of the Terms and Conditions for use of the Site.
When you use this site to purchase a ticket to a VB conference, Virus Bulletin will collect personal details including your name, company name, job title, country, and email address. Virus Bulletin will collect this information both for purchasers of tickets (who are registered users of the extranet) and for every VB conference attendee (who may not be registered users of the extranet).
When you purchase a ticket to a VB conference, you will also need to submit your credit card details; these are entered directly on our online payments processor's web interface and are not processed or held by Virus Bulletin. Our online payments processor is currently SagePay.
When you register as a delegate for a Virus Bulletin conference (whether you do so yourself or someone else does this on your behalf), Virus Bulletin uses your personal details in the following ways:
At the conference itself, Virus Bulletin takes photographs to record the event. These photographs are kept as a record of the event and may in some cases be used in promotional material, to promote and advertise similar future events. Delegates who do not wish to be included in photographs are asked to make their wishes known to the photographer/VB team and Virus Bulletin will endeavour to honour such requests.
Photographs that contain clearly identifiable individuals will only be used publicly if consent has been gained from the individual(s) in question.
When you use this site to submit an abstract (a proposal) for a Virus Bulletin conference paper, Virus Bulletin will use your personal details in the following ways:
Our legal basis for collecting and using personal data will depend on the personal data concerned and the specific context in which we collect it.
However, we will normally collect personal data from you only where we need the personal data to perform a contract with you, or where the processing is in our legitimate interests and not overridden by your data protection interests or fundamental rights and freedoms, or where we have your consent to do so.
If you have questions about or need further information concerning the legal basis on which we collect and use your personal data, please contact us on firstname.lastname@example.org.
Other than the instances listed below, Virus Bulletin will not pass your personal data to any other companies or organizations without your express permission. Unless we have your permission, we will not disclose your personal information except where we are obliged to do so or allowed to do so by law.
If you do not wish us to pass your information to any other companies, please let us know by emailing us at email@example.com.
Sending information over the internet is generally not completely secure, and even though all our services use HTTPS, we can't guarantee the security of your data while it's in transit.
Any data you send is at your own risk.
We take the security of your personal information seriously. We have security procedures in place to protect our paper-based systems and computerised databases from loss and misuse, and only allow access to them when it is absolutely necessary to do so, and then under strict guidelines as to what use may be made of the personal information contained within them.
We currently store data on secure servers in the European Economic Area (EEA).
Where a password is required to access certain areas of our Site(s), you are responsible for keeping your password secure and confidential. Please do not share or disclose your password to any other person.
In general, we will securely retain your information for as long as is reasonably necessary and in accordance with applicable law.
More specifically, your extranet account and all personal data associated with the account will be deleted after 3 years of inactivity.
Virus Bulletin abides by the following guidelines for email delivery:
We may use a third-party email service provider to send the emails on our behalf. Currently, our email service provider is sendinblue.
Links contained in emails sent via our email service provider may be personalised and will be redirected through sendinblue for statistics purposes.
Individuals who are involved in the Virus Bulletin conference - for example speakers, chairpersons, exhibitors - may on occasion be emailed by the contractor we use to assist with the organisation of the conference.
You may correct or update your personal information at any time by emailing us at firstname.lastname@example.org or by editing your details in your extranet user account. We encourage you to update your personal information promptly if it changes.
If you wish to submit a request that your data be deleted, please write to us at the above address.
You have the right to receive a copy of the personal information that we hold about you. Please write to us at the address above if you wish to exercise this right.
Information Commissioner's Office
You can also contact the Information Commissioner's Office using their online form.